No Valid User in Session. Please Login Again!';
} else {
$statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
$result = $statement->execute(array('username' => $sessionuser));
$user = $statement->fetch();
if($user === false) {
$error = 'no user found';
}
if($user['username'] == ""){
$error = 'no user found';
}
if($user['activated'] == "1"){
$error = 'user already activated!';
} else {
//check if theres a code already
$activationcode = random_string();
$statement = $pdo->prepare("UPDATE users SET activationcode = :activationcode, activationcode_time = NOW() WHERE id = :userid");
$result = $statement->execute(array('activationcode' => sha1($activationcode), 'userid' => $user['id']));
$mailrcpt = $user['email'];
$mailsubject = "Activate the Account of ".$user['username'];
$from = "From: Account Activation Service "; //place a real address if we use this in production
$url_activationcode = 'https://loginpagefoo.td00.de/activate.php?userid='.$user['id'].'&code='.$activationcode; //this shouldnt be my domain in prod..
$text = 'Hallo '.$user['username'].',
please use the following URL to activate your account in the next 24h:
'.$url_activationcode.'
If this mail comes unsolicited, please just ignore the mail.
cheers
loginpagefoo script';
mail($mailrcpt, $mailsubject, $text, $from);
echo 'Link send. Going back to profile page. ';
$showForm = false;
}
}
}
if($showForm):
?>
Activate user